Encfs FileVault replacement
Graham Perrin
I'm currently working on an Encfs FileVault replacement
Monty Burns
worked very similar to that, once massive install script that did all
the magic based on some early work from Rob Napier . There was a
startup item that remounted the home dir and relaunched all the
startup items and finder. However this did not work very well with
Leopards finder; it would get complain about the home dir changing and
disable the shortcuts.
The new solution will actually be integrated into the login window
like FileValut. This will provide a transparent Encfs home dir. No
special hacking on files or startup items, that is the design goal.
Rob
Tiger). That, together with some annoying side effects around
keychains have caused me to go down a completely different path based
on LoginHook. I've got a working Encfs replacement for FileVault now,
but it requires the user to type in his EncFS password during the
login process. I don't believe it's possible to fully integrate into
loginwindow. Everything it does about FileVault is magical and hard
coded. I'd like to swap notes, though. How far have you gotten?
I've got working code at this point (and my own home directory
encrypted this way), but unfortunately I just upgraded to the latest
versions of encfs and MacFuse, and it crashes whenever it tries to
mount an encfs on Tiger (so I can't get to my code just now). Should
encfs 1.3.2 and MacFUSE 1.1 work together on Tiger?
-Rob
Monty Burns
of encfs from the 1.0.3 disk image. I did see problems on Leopard.
To fix them I used the newer MacFuse 1.1 and encfs 1.0.0. You can go
back to MacFuse 0.4.0 and you should be in good shape. I have been
planing on building the Tiger version of encfs 1.0.0 but I'm hoping
MacPorts will do an update that include the patch soon.
Monty Burns
integrated into the login window. This works well expect for some
issues with Leopard related to the keychain. For some reason keychain
files will not lock on the fuse mount.
I have been playing around with some of the -o allow_root and -o
allow_other options be the don't seem to fix the issue. Here are some
examples maybe Graham knows a trick or two.
First login the mount is done.
Nov 19 17:27:39 macbook authorizationhost[2001]: EncfsVault: Version
1.00
Nov 19 17:27:39 macbook authorizationhost[2001]: EncfsVault: Mount
done
Nov 19 17:27:39 macbook SecurityAgent[2002]: Login Window done
Nov 19 17:27:40 macbook loginwindow[1994]: Lock failure on /Users/
testencfs/Library/Keychains/lck~login.keychain: Operation not
permitted
Second login the mount is already in place so no mount is done but
same failure
Nov 19 17:36:48 macbook loginwindow[2076]: Lock failure on /Users/
testencfs/Library/Keychains/lck~login.keychain: Operation not
permitted
Graham Perrin
> I have been playing around with some of the -o allow_root and -o
> allow_other options be the don't seem to fix the issue. Here are some
> examples maybe Graham knows a trick or two.
Hi Monty
Whilst you may experiment with those options whilst troubleshooting,
I should never recommend them for normal use.
For security: I should never want a process that's not mine to access
my EncFS volume.
If some other process-oriented user ID gains access to my EncFS
volume, then that (other) user might become a possible vector of
attack for hackers.
Security aside: I have the impression that allow_other and allow_root
should be avoided for reasons of stability.
----
Bouncing now between the MacFusion and MacFUSE groups ... re
http://groups.google.com/group/macfuse-devel/browse_frm/thread/
b5e57bfa61927f72
with my thoughts still on *order of events* and maybe *multiplicity*,
have you tried a simple
-s
for single threaded mode?
http://code.google.com/p/macfuse/wiki/OPTIONS
Regards
Graham
Graham Perrin
> Lock failure on /Users/testencfs/Library/Keychains/
> lck~login.keychain: Operation not permitted
Operation not permitted ... because the file is open or busy?
The "not permitted" seems, to me, different from the examples at
http://groups.google.com/group/macfuse-devel/msg/8b969b65195ff932
-- there, where we expect locks to succeed, they ultimately don't
succeed, but there's no such advice
-- we note the absence of a lock only when we subsequently _look_ for
the lock.
----
Broadening my thoughts:
-- *does* the lock fail?
-- is the file somehow _locked_ _then_ _unlocked_?
Monty Burns
the IV chaining mode. When its set to external the hard links will
not work, just changing the setting seems to fix it.
Enable filename to IV header chaining?
This makes file data encoding dependent on the complete file path.
If a file is renamed, it will not decode sucessfully unless it
was renamed by encfs with the proper key.
If this option is enabled, then hard links will not be supported
in the filesystem.
Thanks for your help looking into this.
Monty Burns
http://www.chuckknowsbest.com/ikrypt/encfsvault.html
Darkker
already?
Is the source code available?
This looks interesting.
Monty Burns
Leopard for a couple of weeks. I plan to update the installer this
weekend to allow a program to enable/disable so you do not have to had
edit config files. I have not done any testing with TimeMachine yet
since the backup are unsecure. I'm working on getting TimeMachine
working with EncFS mounts, once I have that going I will do some
TimeMachine testing.
Monty Burns
etc files.
http://www.chuckknowsbest.com/ikrypt/download.html
http://www.chuckknowsbest.com/ikrypt/encfsvault.html